cvs commit: src/sys/netinet ip_input.c
Max Laier
max at love2party.net
Fri Sep 24 05:51:57 PDT 2004
On Friday 24 September 2004 14:18, Maxim Konovalov wrote:
> maxim 2004-09-24 12:18:41 UTC
>
> FreeBSD src repository
>
> Modified files:
> sys/netinet ip_input.c
> Log:
> o Turn net.inet.ip.check_interface sysctl off by default.
>
> When net.inet.ip.check_interface was MFCed to RELENG_4 3+ years ago in
> rev. 1.130.2.17 ip_input.c it was 1 by default but shortly changed to
> 0 (accidently?) in rev. 1.130.2.20 in RELENG_4 only. Among with the
> fact this knob is not documented it breaks POLA especially in bridge
> environment.
>
> OK'ed by: andre
> Reviewed by: -current
Can we have a plan to move towards turning it on again? For RELENG_6 the
latest. This check is useful and we should have the code exposed by default
so that new code does not break the assumption. The documentation issue has
to be resolved, of course.
--
/"\ Best regards, | mlaier at freebsd.org
\ / Max Laier | ICQ #67774661
X http://pf4freebsd.love2party.net/ | mlaier at EFnet
/ \ ASCII Ribbon Campaign | Against HTML Mail and News
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 187 bytes
Desc: not available
Url : http://lists.freebsd.org/pipermail/cvs-src/attachments/20040924/3cdebae0/attachment.bin
More information about the cvs-src
mailing list